CVE-2019-0730 – Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0730
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... On Microsoft Windows, the LUAFV driver reuses the file's create request DesiredAccess parameter, which can include MAXIMUM_ACCESS, when virtualizing a file, resulting in elevation of privilege. • https://www.exploit-db.com/exploits/46713 http://packetstormsecurity.com/files/152533/Microsoft-Windows-LUAFV-Delayed-Virtualization-MAXIMUM_ACCESS-DesiredAccess-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0730 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2019-0731 – Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0731
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... On Microsoft Windows, the LUAFV driver doesn't take into account a virtualized handle being duplicated to a more privileged process, resulting in elevation of privilege. • https://www.exploit-db.com/exploits/46714 http://packetstormsecurity.com/files/152534/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cross-Process-Handle-Duplication-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0731 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2019-0732 – Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
https://notcve.org/view.php?id=CVE-2019-0732
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'. On Microsoft Windows, the NtSetCachedSigningLevel system call can be tricked by the operation of LUAFV to apply a cached signature to an arbitrary file, leading to a bypass of code signing enforcement under UMCI with Device Guard. • https://www.exploit-db.com/exploits/46716 http://packetstormsecurity.com/files/152536/Microsoft-Windows-LUAFV-NtSetCachedSigningLevel-Device-Guard-Bypass.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0732 • CWE-863: Incorrect Authorization •
CVE-2018-3989
https://notcve.org/view.php?id=CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. • http://www.securityfocus.com/bid/107005 https://cert-portal.siemens.com/productcert/pdf/ssa-760124.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-844562.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf https://talosintelligence.com/vulnerability_reports/TALOS-2018-0657 • CWE-908: Use of Uninitialized Resource •
CVE-2018-3608
https://notcve.org/view.php?id=CVE-2018-3608
A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. • https://github.com/gguaiker/Trend_Micro_POC http://esupport.trendmicro.com/support/vb/solution/ja-jp/1120144.aspx https://esupport.trendmicro.com/en-US/home/pages/technical-support/1120237.aspx • CWE-94: Improper Control of Generation of Code ('Code Injection') •